Move hashing directories to evse-security

Codacy Production / Codacy Static Code Analysis required action Nov 26, 2024 in 0s

27 new issues (0 max.) of at least minor severity.

Here is an overview of what got changed by this pull request:

Issues
======
- Added 27

Annotations

Check notice on line 76 in 3rd_party/cert_rehash/c_rehash.hpp

@codacy-production codacy-production / Codacy Static Code Analysis

3rd_party/cert_rehash/c_rehash.hpp#L76

C-style pointer casting

Check notice on line 100 in 3rd_party/cert_rehash/c_rehash.hpp

3rd_party/cert_rehash/c_rehash.hpp#L100

C-style pointer casting

Check failure on line 118 in 3rd_party/cert_rehash/c_rehash.hpp

3rd_party/cert_rehash/c_rehash.hpp#L118

The `memcpy` family of functions require the developer to validate that the destination buffer is the same size or larger than the source buffer.

Check notice on line 128 in 3rd_party/cert_rehash/c_rehash.hpp

3rd_party/cert_rehash/c_rehash.hpp#L128

The scope of the variable 'ch' can be reduced.

Check notice on line 144 in 3rd_party/cert_rehash/c_rehash.hpp

3rd_party/cert_rehash/c_rehash.hpp#L144

Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).  

Check failure on line 144 in 3rd_party/cert_rehash/c_rehash.hpp

3rd_party/cert_rehash/c_rehash.hpp#L144

The `strlen` family of functions does not handle strings that are not null terminated.

Check warning on line 150 in 3rd_party/cert_rehash/c_rehash.hpp

3rd_party/cert_rehash/c_rehash.hpp#L150

Usage of the `readlink` function call hints at a potential Time Of Check Time Of Use (TOCTOU) vulnerability.

Check notice on line 156 in 3rd_party/cert_rehash/c_rehash.hpp

3rd_party/cert_rehash/c_rehash.hpp#L156

Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).  

Check failure on line 156 in 3rd_party/cert_rehash/c_rehash.hpp

3rd_party/cert_rehash/c_rehash.hpp#L156

The `strlen` family of functions does not handle strings that are not null terminated.

Check notice on line 163 in 3rd_party/cert_rehash/c_rehash.hpp

3rd_party/cert_rehash/c_rehash.hpp#L163

The scope of the variable 'x' can be reduced.

Check notice on line 166 in 3rd_party/cert_rehash/c_rehash.hpp

3rd_party/cert_rehash/c_rehash.hpp#L166

The scope of the variable 'digest' can be reduced.

Check notice on line 168 in 3rd_party/cert_rehash/c_rehash.hpp

3rd_party/cert_rehash/c_rehash.hpp#L168

The scope of the variable 'type' can be reduced.

Check warning on line 224 in 3rd_party/cert_rehash/c_rehash.hpp

3rd_party/cert_rehash/c_rehash.hpp#L224

Usage of the `access` function call hints at a potential Time Of Check Time Of Use (TOCTOU) vulnerability.

Check notice on line 229 in 3rd_party/cert_rehash/c_rehash.hpp

3rd_party/cert_rehash/c_rehash.hpp#L229

Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).  

Check failure on line 229 in 3rd_party/cert_rehash/c_rehash.hpp

3rd_party/cert_rehash/c_rehash.hpp#L229

The `strlen` family of functions does not handle strings that are not null terminated.

Check notice on line 232 in 3rd_party/cert_rehash/c_rehash.hpp

3rd_party/cert_rehash/c_rehash.hpp#L232

C-style pointer casting

Check warning on line 263 in 3rd_party/cert_rehash/c_rehash.hpp

3rd_party/cert_rehash/c_rehash.hpp#L263

When handling sensitive information in a buffer, it's important to ensure that the data is securely erased before the buffer is deleted or reused.

Check notice on line 271 in 3rd_party/cert_rehash/c_rehash.hpp

3rd_party/cert_rehash/c_rehash.hpp#L271

Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).  

Check notice on line 276 in 3rd_party/cert_rehash/c_rehash.hpp

3rd_party/cert_rehash/c_rehash.hpp#L276

Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).  

Check failure on line 276 in 3rd_party/cert_rehash/c_rehash.hpp

3rd_party/cert_rehash/c_rehash.hpp#L276

The `strlen` family of functions does not handle strings that are not null terminated.

Check notice on line 277 in 3rd_party/cert_rehash/c_rehash.hpp

3rd_party/cert_rehash/c_rehash.hpp#L277

Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).  

Check failure on line 277 in 3rd_party/cert_rehash/c_rehash.hpp

3rd_party/cert_rehash/c_rehash.hpp#L277

The `strlen` family of functions does not handle strings that are not null terminated.

Check notice on line 286 in 3rd_party/cert_rehash/c_rehash.hpp

3rd_party/cert_rehash/c_rehash.hpp#L286

Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).  

Check notice on line 293 in 3rd_party/cert_rehash/c_rehash.hpp

3rd_party/cert_rehash/c_rehash.hpp#L293

Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).  

Check failure on line 293 in 3rd_party/cert_rehash/c_rehash.hpp

3rd_party/cert_rehash/c_rehash.hpp#L293

The `strlen` family of functions does not handle strings that are not null terminated.